> denial of service risk > > To prevent trivial dos attacks where an attacker with a single IP > generates several new relay fingerprints until the entire AS is blocked > from adding new relays for a few hours these relays should come from > distinct IP addresses. That actually opens a possibility to bypass the entire rate limiting by creating all keys with a single IP and then distribute them to the actual IPs, but it would still be limited to 2x24 new relays/fingerprints per day.
Attachment:
signature.asc
Description: OpenPGP digital signature
_______________________________________________ tor-dev mailing list tor-dev@xxxxxxxxxxxxxxxxxxxx https://lists.torproject.org/cgi-bin/mailman/listinfo/tor-dev